
olPUTAxpzu.exe

Status: finished
Submission Time: 2022-04-20 15:06:08 +02:00
Malicious
Evader

Comments

Tags

  • 32
  • exe
  • trojan

Details

  • Analysis ID:
    612097
  • API (Web) ID:
    979612
  • Analysis Started:
    2022-04-20 15:07:51 +02:00
  • Analysis Finished:
    2022-04-20 15:24:21 +02:00
  • MD5:
    8a0e3e9d2d00b456539face1b95f5e49
  • SHA1:
    a3e08ca002b4046da36c1d05f079db9ccba567ff
  • SHA256:
    1e9a3a5e2e8da03cb6949e0aa8c169c3e095a7144ac74d87a74450faa83f027d
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 88
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
malicious
Score: 80
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Run with higher sleep bypass

Third Party Analysis Engines

malicious
Score: 16/26
malicious
malicious

URLs

Name Detection

  • https://api.brutalhax.net/
  • http://pki-crl.symauth.com/offlineca/TheInstituteofElectricalandElectronicsEngineersIncIEEERootCA.cr
  • http://pki-crl.symauth.com/ca_d409a5cb737dc0768fd08ed5256f3633/LatestCRL.crl07
  • http://foo/Login.xaml
  • https://api.brutal-hax.net/info/cheat_status.php?hack_id=
  • https://api.brutal-hax.net/Online/set_online_status.php?username=
  • http://foo/bar/login.baml
  • https://api.brutal-hax.net/loader_version.php
  • http://foo/bar/bhicon.png
  • http://defaultcontainer/bhicon.png
  • https://brutal-hax.net/
  • https://api.brutal-hax.net/loader_get_cheats.php?username=
  • https://api.brutal-hax.net/notification.txt
  • https://api.brutal-hax.net/loader_cheat_info_ex.php?index=
  • http://defaultcontainer/Login.xaml
  • http://foo/bhicon.png
  • https://discord.gg/brutal-hax
  • https://api.brutal-hax.net/Driver/Driver1.8_x64.sys
  • http://pki-ocsp.symauth.com0
  • https://help.ea.com/en/help/faq/how-to-clean-boot-your-pc/
  • https://api.brutal-hax.net/loader_statut_new.php
  • https://api.brutal-hax.net/loader_authentification_new.php?username=
  • https://api.brutal-hax.net/Online/get_online_users.php?username=

Dropped files

Name File Type Hashes Detection

  • C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_olPUTAxpzu.exe_e22b91f83659b5e64951010ad9cc6d1b32c47_5da1df81_19bd84ad\Report.wer
    Little-endian UTF-16 Unicode text, with CRLF line terminators
  • C:\ProgramData\Microsoft\Windows\WER\Temp\WER6D9B.tmp.dmp
    Mini DuMP crash report, 14 streams, Wed Apr 20 22:09:27 2022, 0x1205a4 type
  • C:\ProgramData\Microsoft\Windows\WER\Temp\WER759B.tmp.WERInternalMetadata.xml
    XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
  • C:\ProgramData\Microsoft\Windows\WER\Temp\WER7732.tmp.xml
    XML 1.0 document, ASCII text, with CRLF line terminators